2026-03-25
The Register
26 related
Two versions of LiteLLM, an interface for accessing LLMs, have been removed from PyPI after a supply chain attack injected them with credential-stealing code
Two versions of LiteLLM, an open source interface for accessing multiple large language models, have been removed from the Python Package Index …
2026-03-24
The Register
16 related
Two versions of LiteLLM, an interface for accessing LLMs, have been removed from PyPI after a supply chain attack injected them with credential-stealing code
Two versions of LiteLLM, an open source interface for accessing multiple large language models, have been removed from the Python Package Index …
2023-11-16
Ars Technica
7 related
GitGuardian: nearly 3K of the 450K projects submitted to PyPI exposed at least one credential in code, like API keys, including some from “very large companies”
Many transgressions come from “very large companies that have robust security teams.”
2021-02-11
BleepingComputer
10 related
A researcher was able to breach 35+ companies, including Microsoft and Apple, using a software supply chain attack that leveraged an open source ecosystem flaw
here's how to protect against it Tweets: Pukhraj Singh / @rungrage: Being so out in the public domain, this is going to be a house of pain for software companies. On the policy side: this is why inte...